Put rel="noreferrer" on all nonlocal links
fd6f1829e353
Actions

Description

Put rel="noreferrer" on all nonlocal links

Summary:
Ref T4342. By default, insert rel="noreferrer" for links. We do not insert this if:

The caller provided an explicit "rel" attribute.
We recognize the link as an anchor ("#comment-2"), or as local to the current domain ("/path/to/resource").

Otherwise, add it in all cases.

Test Plan: Added and executed unit tests. (The javascript stuff which was touched a little bit has a pile of tests already, too.)

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4342

Differential Revision: https://secure.phabricator.com/D8711

Details

Provenance

epriestley	Authored on
epriestley	Pushed on Apr 8 2014, 12:13 PM

Reviewer

btrahan

Differential Revision

D8711: Put rel="noreferrer" on all nonlocal links

Parents

rPHU7a4f46251c21: Support HTTP basic auth in HTTPFuture

Branches

Unknown

Tags

Unknown

Tasks

T4342: Implement browser mechanisms which remove referrers

Event Timeline

Changes (2)

Path

Size

src/

markup/

__tests__/

PhutilMarkupTestCase.php

render.php

rPHUfd6f1829e353

View Options

src/markup/tests/PhutilMarkupTestCase.php